The Tiny Rock

Privacy Policy

Last updated: January 26, 2026

The Tiny Rock ("we," "us," or "our") operates a digital newsletter, reflection prompts, rewards, and related tools (the "Services"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use The Tiny Rock at https://thetinyrock.com (including any subdomains).

By using our Services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

A. Information You Provide

  • Email address (required for subscriptions and communication)
  • Name (optional)
  • Subscription and content preferences
  • Reflections, responses, or prompts you submit through our forms or tools
  • Account information if you create an account or connect external services
  • Payment-related information needed to manage your subscription (handled by our payment provider)

B. Automatically Collected Information

  • IP address
  • Browser type, device type, and operating system
  • Cookies and similar tracking technologies
  • Time zone and language settings
  • Pages visited, clicks, and interaction behavior
  • Approximate geographic location (country/region level)

C. Payments & Billing Data

For subscription purchases, we use a third-party payment provider (Merchant of Record) to process payments and manage billing.

  • We do not store full payment card numbers or bank account details.
  • Our payment provider may collect and process payment data and billing details to complete transactions and comply with legal obligations.
  • We may receive limited information needed to operate the Services, such as subscription status, plan, and transaction metadata (e.g., timestamps and amounts).

2. How We Use Your Information

We use your information to:

  • Send newsletters, updates, and reflection prompts
  • Personalize content and topic recommendations
  • Manage subscriptions and account access
  • Administer participation and rewards programs
  • Analyze engagement and improve our Services
  • Monitor performance and prevent fraud or abuse
  • Comply with legal, tax, and accounting requirements

We do not sell your personal information.

3. Payment Provider

We use Paddle as our payment provider (Merchant of Record) to process subscription payments and manage billing. Paddle handles sensitive payment information directly, and we only receive limited details needed to provide the Services (such as subscription status).

For more information, please see Paddle's Privacy Policy: https://www.paddle.com/legal/privacy.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Keep you signed in and remember preferences
  • Measure traffic and engagement
  • Improve performance and reliability
  • Detect suspicious or abusive activity

You can adjust your browser settings to refuse cookies; however, some features of the Services may not function properly.

5. How We Share Your Information

A. Service Providers

We share information with trusted third parties who help us operate The Tiny Rock, such as:

  • Payment provider (for subscription billing)
  • Hosting and infrastructure providers
  • Email delivery providers
  • Analytics and monitoring tools
  • AI or machine learning providers used to generate content

These providers may only use your data as instructed by us and are required to protect it appropriately.

B. Legal & Compliance

We may disclose information if required by law or if we believe it is reasonably necessary to:

  • Comply with legal obligations or requests
  • Protect our rights, property, or safety
  • Protect users or the public from harm
  • Enforce our Terms of Service

We do not sell, rent, or trade your personal information.

6. Data Retention

We retain your information only as long as necessary to:

  • Provide the Services
  • Maintain accurate records of your account and participation
  • Comply with legal, tax, and accounting requirements
  • Resolve disputes and enforce our agreements

You may request deletion of your information at any time, subject to our legal obligations.

7. Your Rights

Depending on your location and applicable law (for example, GDPR or CCPA), you may have rights to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete information
  • Request deletion of your personal data
  • Export your data in a portable format
  • Restrict or object to certain types of processing
  • Opt out of marketing communications

To exercise these rights, contact us at privacy@thetinyrock.com.

8. International Data Transfers

Data may be processed on servers located in the United States or other countries. We apply appropriate safeguards when transferring data and comply with applicable data protection laws.

9. Security

We use industry-standard security measures to help protect your information, including HTTPS encryption, access controls, and monitoring. However, no system is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Tiny Rock is not intended for children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided personal data, please contact us so we can take appropriate action.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date above. Your continued use of the Services after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, you can reach us at: